Book Image

Building a Web Application with PHP and MariaDB: A Reference Guide

By : Sai S Sriparasa
Book Image

Building a Web Application with PHP and MariaDB: A Reference Guide

By: Sai S Sriparasa

Overview of this book

Table of Contents (17 chapters)
Building a Web Application with PHP and MariaDB: A Reference Guide
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Access controls


In this section, let us begin by locking down the access for a user logged-in as a student. We will be making a few changes to facilitate this change. The first change will be adding new session variables to carry more information about the user. We will make this change to the login method in the Login_Model class. In the following snippet, we have modified the SQL to fetch the username and student ID. We are then adding the student ID to the session variables in the models/login_model.php file, as shown in the following code:

public function login($username, $password){
  $st = $this->db->prepare("SELECT student_id, username FROM students WHERE username = :username AND password = :password");
  $st->execute(array(':username' => $username,':password' => SHA1($password)));

  $data = $st->fetch(PDO::FETCH_ASSOC);
  $hasData = $st->rowCount();

  if($hasData >0){
    Session::set('loggedin',true);
    Session::set('username',$data['username']);
    Session...